Automatic Data Processing
Associate Security Engineer - WAF & Runtime Protections
Automatic Data Processing, Roseland, New Jersey, United States, 07068
Associate Security Engineer - WaF & Runtime Protections
Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Position Summary
In this position, you'll be responsible for assessing the runtime security policies of ADP applications by performing deep reviews of web traffic, creating policy recommendations and engaging operationally with app teams to gain commitment to enforce those policies. This role is best suited for individuals who are detailed, driven, and confident in assessing data patterns for true and false positives in a fast-paced environment at scale. You should be familiar with common web attack signatures (CWE & CVE) or have a security background with the ability quickly upskill rapidly and identify them on a daily basis. The ideal candidate would like to expand to other areas of runtime application security in future (GenAI Guardrails, API Security) and contribute to software development projects along the way. Location: Roseland, NJ or Alpharetta, GA Responsibilities: This is a full-time cybersecurity position for a senior technical security analyst Review web application firewall (WAF) policy-level traffic on a weekly (or daily) basis in a timely manner and identify actions to tighten security by moving rules from alarm to deny Regularly mature policy settings for discrete applications within the WAF as an outcome of your reviews by presenting recommendations and meeting with the app teams to earn confidence and explain next steps Be accountable for your individual operational progress and don't be afraid to ask for help Contribute towards team or program improvements by identifying areas to improve and working with leadership to make Maintain consistent documentation associated to all operational activities and all developed systems or integrations Be able to take high level directive and self-manage assignments in runtime operations to completion with appropriate touchpoints Apply now! Qualifications Required: Bachelor's degree or equivalent knowledge demonstration in a relevant field such as computer science, computer engineering, or information technology 1-2 years of experience in security OR demonstrated success in similar security work Demonstrated expertise in analyzing web traffic for known common attack patterns like SQLi, XSS, and more OR good understanding of application security and CWE/CVE with demonstrated potential to rapidly skill up Ability to self-identify patterns in metadata (security or otherwise) across individual or multiple records and strategize ways to quickly filter data as needed An interest to learn and grow in application security and its runtime protections (WAF, GenAI Guardrails, API Security, etc.) Preferred Qualifications: Preference will be given to candidates who have the following: Expertise in reading and writing one core coding or scripting language (Java, Python, etc.) Experience in querying (SQL) and data manipulation (RegEx, etc) across various toolsets Experience with engaging with other teams from a governance position Experience in detailed & organized documentation Inclination to proactively learn and grow within a cybersecurity organization Have an opinion
the ability to think and judge for yourself is crucial towards helping our application teams reduce their workload in identifying false positives You'll love working here because you can: Have courageous team collaboration Deliver at epic scale Be surrounded by curious learners Act like an owner & doer Give back to others Join a company committed to equality and equity Apply today!
Unlock Your Career Potential: Global Security Organization at ADP. Do you have a passion for going on the offensive to safeguard critical information? As ADP's Global Security Organization (GSO), we know that our clients rely on us for human capital management solutions, but beyond that, they entrust us with one of their most valuable assets -- their employee data. We are honored by this trust and are laser focused on securing data at every step in the information lifecycle, ensuring integrity, confidentiality and compliance with industry and government regulations at all times. From the cloud to the data center and across every emerging device, you'll join a team of experts in the GSO who are always staying one step ahead in this ever-changing world of data by continually evolving our strategies and technologies to protect ADP and our clients. Position Summary
In this position, you'll be responsible for assessing the runtime security policies of ADP applications by performing deep reviews of web traffic, creating policy recommendations and engaging operationally with app teams to gain commitment to enforce those policies. This role is best suited for individuals who are detailed, driven, and confident in assessing data patterns for true and false positives in a fast-paced environment at scale. You should be familiar with common web attack signatures (CWE & CVE) or have a security background with the ability quickly upskill rapidly and identify them on a daily basis. The ideal candidate would like to expand to other areas of runtime application security in future (GenAI Guardrails, API Security) and contribute to software development projects along the way. Location: Roseland, NJ or Alpharetta, GA Responsibilities: This is a full-time cybersecurity position for a senior technical security analyst Review web application firewall (WAF) policy-level traffic on a weekly (or daily) basis in a timely manner and identify actions to tighten security by moving rules from alarm to deny Regularly mature policy settings for discrete applications within the WAF as an outcome of your reviews by presenting recommendations and meeting with the app teams to earn confidence and explain next steps Be accountable for your individual operational progress and don't be afraid to ask for help Contribute towards team or program improvements by identifying areas to improve and working with leadership to make Maintain consistent documentation associated to all operational activities and all developed systems or integrations Be able to take high level directive and self-manage assignments in runtime operations to completion with appropriate touchpoints Apply now! Qualifications Required: Bachelor's degree or equivalent knowledge demonstration in a relevant field such as computer science, computer engineering, or information technology 1-2 years of experience in security OR demonstrated success in similar security work Demonstrated expertise in analyzing web traffic for known common attack patterns like SQLi, XSS, and more OR good understanding of application security and CWE/CVE with demonstrated potential to rapidly skill up Ability to self-identify patterns in metadata (security or otherwise) across individual or multiple records and strategize ways to quickly filter data as needed An interest to learn and grow in application security and its runtime protections (WAF, GenAI Guardrails, API Security, etc.) Preferred Qualifications: Preference will be given to candidates who have the following: Expertise in reading and writing one core coding or scripting language (Java, Python, etc.) Experience in querying (SQL) and data manipulation (RegEx, etc) across various toolsets Experience with engaging with other teams from a governance position Experience in detailed & organized documentation Inclination to proactively learn and grow within a cybersecurity organization Have an opinion
the ability to think and judge for yourself is crucial towards helping our application teams reduce their workload in identifying false positives You'll love working here because you can: Have courageous team collaboration Deliver at epic scale Be surrounded by curious learners Act like an owner & doer Give back to others Join a company committed to equality and equity Apply today!